Detik News- Exploit DB
- [webapps] Open Web Analytics 1.7.3 - Remote Code Execution November 11, 2022Open Web Analytics 1.7.3 - Remote Code Execution
- [webapps] CVAT 2.0 - Server Side Request Forgery November 11, 2022CVAT 2.0 - Server Side Request Forgery
- [remote] MSNSwitch Firmware MNT.2408 - Remote Code Execution November 11, 2022MSNSwitch Firmware MNT.2408 - Remote Code Execution
- [remote] AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal November 11, 2022AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal
- [local] IOTransfer V4 - Unquoted Service Path November 11, 2022IOTransfer V4 - Unquoted Service Path
- [remote] SmartRG Router SR510n 2.6.13 - Remote Code Execution November 11, 2022SmartRG Router SR510n 2.6.13 - Remote Code Execution
- [webapps] Wordpress Plugin ImageMagick-Engine 1.7.4 - Remote Code Execution (RCE) (Authenticated) October 17, 2022Wordpress Plugin ImageMagick-Engine 1.7.4 - Remote Code Execution (RCE) (Authenticated)
- [webapps] Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi October 6, 2022Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi
- [webapps] Feehi CMS 2.1.1 - Remote Code Execution (Authenticated) September 23, 2022Feehi CMS 2.1.1 - Remote Code Execution (Authenticated)
- [webapps] Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) September 23, 2022Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)
- [webapps] Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS) September 23, 2022Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS)
- [webapps] Aero CMS v0.0.1 - SQLi September 23, 2022Aero CMS v0.0.1 - SQLi
- [webapps] Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS) September 23, 2022Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)
- [webapps] TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE) September 23, 2022TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE)
- [remote] Teleport v10.1.1 - Remote Code Execution (RCE) September 23, 2022Teleport v10.1.1 - Remote Code Execution (RCE)
- [webapps] Open Web Analytics 1.7.3 - Remote Code Execution November 11, 2022
Category Archives: Security
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
Cpanel Down
Siang ini saya coba mengakses cpanel.net dan sepertinya database sedang mengalami masalah. Bisa dibayangkan kalau corporate sebesar Cpanel masih mengalami masalah classic seperti ini. Bagaimana kesiapan Anda dalam hal menangani bisnis Anda yang berhubungan dengan koneksi ke pusat data mengalami … Continue reading
Posted in IT, Security
Leave a comment
Hati-hati pencurian password email
yahoo scam, stolen password yahoo Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
Forecast vulnerability Pligg CMS
Saya cukup kaget melihat ada forecast vulnerability di situs securityfocus.com. Bisa dilihat di screenshoot disamping atau coba klik http://www.securityfocus.com/bid/51273. Aneh tapi cukup nyata.
Posted in IT, Security
Leave a comment